Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/1030/r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa
File: r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa (raw, json)
Hash identifier: HFIG7iXNBsXb+vT7M7qx9nPx1zt4/JVmwPHUeyaqDfU=
Subject key identifier: AF:B5:90:18:C4:44:11:F2:38:16:68:3A:3D:0D:E4:B5:29:00:B6:97
Certificate issuer: /CN=7AB6E2F4C45731D03C27AEAFDD608611871B423C
Certificate serial: 0CA9
Authority key identifier: 7A:B6:E2:F4:C4:57:31:D0:3C:27:AE:AF:DD:60:86:11:87:1B:42:3C
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/erbi9MRXMdA8J66v3WCGEYcbQjw.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa
Signing time: Wed 13 Mar 2024 01:23:31 +0000
ROA not before: Wed 13 Mar 2024 01:23:31 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 131530
IP address blocks: 103.43.192.0/22 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3241 (0xca9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7AB6E2F4C45731D03C27AEAFDD608611871B423C
Validity
Not Before: Mar 13 01:23:31 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=AFB59018C44411F23816683A3D0DE4B52900B697
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a8:fc:85:9e:02:f2:c3:51:b2:fb:9b:fd:aa:
63:8d:94:88:e9:30:a1:2e:90:78:4a:ff:45:48:4b:
c0:42:fd:37:c7:02:a0:68:1b:f7:f0:29:81:b0:ce:
5a:1f:d7:d7:37:8f:ee:58:99:76:f9:b9:53:4a:e3:
47:90:e2:5f:07:ae:94:47:d2:ed:f0:53:32:b0:2b:
a5:21:71:79:b0:89:99:5d:ad:07:a9:d4:89:5e:c6:
9e:ba:91:c3:a0:7f:14:7d:7d:23:ff:42:ac:d8:16:
bf:58:f5:54:90:e8:f8:81:21:0e:f0:be:3f:e9:38:
02:31:82:44:32:05:37:90:64:ea:9d:42:81:5d:4b:
e7:05:c6:89:64:3c:96:af:18:42:f7:bd:6a:9b:40:
03:9d:b0:01:50:09:e2:75:1f:54:0f:bb:fd:bc:6c:
ad:ef:15:88:8c:6f:85:da:70:63:71:da:03:0a:46:
64:0a:22:4a:38:85:85:0f:4c:13:40:99:9b:ab:37:
49:22:b4:59:64:30:6e:7d:1d:e3:00:f3:cf:14:cc:
a8:1a:b9:07:35:ed:6c:bf:25:b6:fa:70:db:d9:e3:
06:74:7b:b9:60:ea:e4:b3:36:c2:66:db:05:64:00:
fc:2a:01:91:ba:43:eb:48:bd:d7:67:b4:86:a2:22:
55:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B5:90:18:C4:44:11:F2:38:16:68:3A:3D:0D:E4:B5:29:00:B6:97
X509v3 Authority Key Identifier:
keyid:7A:B6:E2:F4:C4:57:31:D0:3C:27:AE:AF:DD:60:86:11:87:1B:42:3C
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/erbi9MRXMdA8J66v3WCGEYcbQjw.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/erbi9MRXMdA8J66v3WCGEYcbQjw.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/1030/r7WQGMREEfI4Fmg6PQ3ktSkAtpc.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
103.43.192.0/22
Signature Algorithm: sha256WithRSAEncryption
38:b1:63:ec:d7:5d:75:ef:0a:56:e9:9c:c7:fe:e2:e8:61:da:
7c:d0:50:1f:24:37:9b:42:90:1d:0f:14:97:6b:c5:3b:af:a1:
94:63:20:81:f1:2a:45:a4:20:af:ee:ad:d7:b0:53:e4:0b:b2:
10:96:1f:eb:b8:8d:70:0b:28:d3:1a:00:17:ed:2b:6f:a8:ea:
f0:2f:95:5f:e3:98:3f:49:98:97:57:34:49:cb:4d:5f:ed:41:
8e:91:e9:29:a6:76:83:22:71:f6:90:cf:5b:a2:d2:4c:aa:89:
b6:26:86:34:51:a5:2f:b3:fd:d4:f2:57:56:2e:64:4f:b5:1a:
9a:f3:8f:5e:af:f4:64:22:32:f6:f5:b0:e7:3e:3d:23:8a:94:
5a:4e:a2:f9:68:bb:65:d4:b9:3d:ad:8a:e6:1e:7d:0e:bc:41:
71:51:dc:f0:f3:fd:20:33:f9:91:00:6a:99:83:27:d1:b9:30:
fb:36:3c:a6:5e:53:bb:95:50:a4:75:b3:ed:83:a2:39:7f:b2:
11:98:08:06:30:94:61:a3:83:69:34:f2:33:52:12:d1:fa:07:
df:d8:7e:74:a5:58:e8:b9:fd:d5:0d:dd:e7:3f:36:67:10:66:
2d:b2:07:63:31:7c:7e:e8:64:56:18:04:0d:95:f3:d1:62:f4:
a6:6b:83:e6
-----BEGIN CERTIFICATE-----
MIIE1zCCA7+gAwIBAgICDKkwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoN0FC
NkUyRjRDNDU3MzFEMDNDMjdBRUFGREQ2MDg2MTE4NzFCNDIzQzAeFw0yNDAzMTMw
MTIzMzFaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKEFGQjU5MDE4QzQ0NDEx
RjIzODE2NjgzQTNEMERFNEI1MjkwMEI2OTcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDFqPyFngLyw1Gy+5v9qmONlIjpMKEukHhK/0VIS8BC/TfHAqBo
G/fwKYGwzlof19c3j+5YmXb5uVNK40eQ4l8HrpRH0u3wUzKwK6UhcXmwiZldrQep
1Ilexp66kcOgfxR9fSP/QqzYFr9Y9VSQ6PiBIQ7wvj/pOAIxgkQyBTeQZOqdQoFd
S+cFxolkPJavGEL3vWqbQAOdsAFQCeJ1H1QPu/28bK3vFYiMb4XacGNx2gMKRmQK
Iko4hYUPTBNAmZurN0kitFlkMG59HeMA888UzKgauQc17Wy/Jbb6cNvZ4wZ0e7lg
6uSzNsJm2wVkAPwqAZG6Q+tIvddntIaiIlV7AgMBAAGjggHzMIIB7zAdBgNVHQ4E
FgQUr7WQGMREEfI4Fmg6PQ3ktSkAtpcwHwYDVR0jBBgwFoAUerbi9MRXMdA8J66v
3WCGEYcbQjwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBdBgNVHR8EVjBUMFKg
UKBOhkxyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTAz
MC9lcmJpOU1SWE1kQThKNjZ2M1dDR0VZY2JRancuY3JsMGMGCCsGAQUFBwEBBFcw
VTBTBggrBgEFBQcwAoZHcnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJF
M0QwMDAwL2VyYmk5TVJYTWRBOEo2NnYzV0NHRVljYlFqdy5jZXIwDgYDVR0PAQH/
BAQDAgeAMIGdBggrBgEFBQcBCwSBkDCBjTBYBggrBgEFBQcwC4ZMcnN5bmM6Ly9y
cGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzEwMzAvcjdXUUdNUkVFZkk0
Rm1nNlBRM2t0U2tBdHBjLnJvYTAxBggrBgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNu
bmljLmNuL3JyZHAvbm90aWZ5LnhtbDAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAmcrwDANBgkqhkiG9w0BAQsFAAOCAQEAOLFj7Nddde8KVumcx/7i6GHafNBQ
HyQ3m0KQHQ8Ul2vFO6+hlGMggfEqRaQgr+6t17BT5AuyEJYf67iNcAso0xoAF+0r
b6jq8C+VX+OYP0mYl1c0SctNX+1BjpHpKaZ2gyJx9pDPW6LSTKqJtiaGNFGlL7P9
1PJXVi5kT7UamvOPXq/0ZCIy9vWw5z49I4qUWk6i+Wi7ZdS5Pa2K5h59DrxBcVHc
8PP9IDP5kQBqmYMn0bkw+zY8pl5Tu5VQpHWz7YOiOX+yEZgIBjCUYaODaTTyM1IS
0foH39h+dKVY6Ln91Q3d5z82ZxBmLbIHYzF8fuhkVhgEDZXz0WL0pmuD5g==
-----END CERTIFICATE-----
Generated at Mon Nov 4 05:26:13 2024 by rpki-client on console-fra.rpki-client.org